MUFG Union Bank Information Risk Manager, Vice President (Hybrid - AZ, CA, NC, NY, TX) in Monterey Park, California
Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world. Across the globe, we’re 180,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
This is a hybrid position. There are flexible work from home options available. A member of our recruitment team will discuss the options with you in more detail.
Collaborates with other subject matter experts to determine and communicate the business impact of changes to information risk policy and standards.
Reviews internal and external IT projects and applications for risk issues and ensures adherence to security policies, industry best practices, and security controls.
Facilitates reviews, identifies and documents any resulting breaks requiring remediation.
Defines testing processes for information risks associated with applications (both in-house and third party)
Conducts targeted and advisory application risk assessments and control testing
Maintains oversite of the front line unit remediation efforts as issues are identified
Performs independent review and challenge of front line unit RCSA outputs for processes related to application development and maintenance
Manages and conducts independent cyber risk assessments for applications; includes vulnerability scans, penetration tests and other assessment techniques
Stakeholder management and working across various parts of the organization
Bachelor's Degree or equivalent work experience required.
One or more of GSEC, CISSP, CISM, CISA, CRISC, CGEIT preferred, but not required
5 + years of related experience
Excellent knowledge of security systems and applications.
Knowledge of the financial services industry and its regulations / laws is required.
Knowledge of security systems and applications and be able to assist in communicating related policies, procedures, and guidelines.
Thorough understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business is required.
Strong MS Office skills along with strong verbal and written communication skills.
Able to facilitate requirements gathering and be able to communicate risk mitigation strategies and track remediation.
Proven knowledge of application security assessment methodologies and technologies
Experienced in application security related standards, and best practices such as secure code reviews, secure SDLC and application vulnerability management
Prior experience with application development, Agile, and SDLC related processes is preferred
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual’s associates or relatives that is protected under applicable federal, state, or local law.
Some MUFG roles require that individuals be fully vaccinated against COVID-19, subject to exemptions for medical or religious reasons, as well as any other reason required by applicable law or order. Should you be selected for an interview, your recruiter will provide additional information.